Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Similarly, a white hat could watch /events and warn users and/or services when credentials are 'burned'. (A major exploitable service like AWS might even want to do this itself.)


AWS actually does that already — they'll ping you by email if they find one of your keys on GitHub!


Why do they take longer than the black hats, though?


Thinking of actually working on this. Seems like an interesting and useful little project. Can email users or create an issue on the repo.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: